Cisco's AnyConnect Secure Mobility Solution is a two-box enterprise play that poses some problems for small and midsized businesses.
The Adaptive Security Appliance (ASA) piece of the puzzle delivers firewall and VPN, but not the other security features found in an integrated unified threat management (UTM) device. For example, content scanning for malware requires an add-in hardware module and a subscription, as does intrusion prevention.
The problem is that you can only put a single add-in hardware module in any of the appliances, so you have to pick whether you want intrusion-prevention system or anti-malware in your VPN gateway, rather than having the ability to use both as most other UTM firewalls allow.
When the ASA is acting as a firewall, picking one or the other makes sense, because you usually leave anti-malware to end-point software and an anti-spam gateway. When the ASA is acting as a VPN concentrator, however, having both protections is a very attractive defense-in-depth strategy, but the ASA doesn't allow you to do that directly.
In an enterprise environment, Cisco solves this problem by recommending the second box, the full-feature IronPort S-series Web security appliance. (See Forced upgrades rankle Cisco customers.)
However, the two-box solution could have a side effect of pushing Cisco remote access out of the price range and complexity level appropriate for many small business networks.
Here is the list of Keeper Security's 25 most common passwords in 2016, as well as how fast two...
We'll show you how to protect your online privacy as governments around the world, including the U.S.,...
The U.S. government reportedly pays Geek Squad technicians to dig through your PC for files to give to...
Dropping your iPhone in the toilet could soon be something you can laugh instead of cry about if the...
Eight years is but a blink in the grand scheme, yet so much will have changed on the technology and...
Avoid the five resume writing mistakes most commonly seen in the IT Resume Makeover series.
While it might be easy to dismiss sites like Facebook, Twitter, and LinkedIn as harmless diversions for...